﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Net.Http;
using System.Web.Http;
using TokenManagementAppMVC.Services;

namespace TokenManagementAppMVC.Controllers
{


    public class AuthController : ApiController
    {
        [HttpPost]
        [Route("api/token")]
        public IHttpActionResult GetToken([FromBody] LoginRequest request)
        {
            // 示例验证逻辑（实际应查数据库或配置文件）
            if (request.ClientId != "test_client" || request.ClientSecret != "test_secret")
            {
                return Unauthorized();
            }
            // 配置参数 - 实际应用中应从配置文件中读取
            string secretKey = "your-256-bit-secret"; // 至少256位(32字节)的安全密钥
            string issuer = "your-issuer";
            string audience = "your-audience";
            string userId = "user123";

            // 生成Token
            string token = JwtTokenService.GenerateToken(secretKey, issuer, audience, userId);


            return Ok(new { access_token = token, expires_in = 1800, token_type = "Bearer" });
        }
    }

    public class LoginRequest
    {
        public string ClientId { get; set; }
        public string ClientSecret { get; set; }
    }
}
